/nsg/ NetSec General

Paintently waited for /cyb/ + /sec/ to hit limit
/netsec/ is dedicated to everything about computer security, networks, exploits, reverse engineering, malware research, etc

What are you learning, /netsec/?

>Learning
cybrary.it/
n0where.net/
offensive-security.com/metasploit-unleashed
resources.infosecinstitute.com/
windowsecurity.com/articles-tutorials/
sans.org/reading-room/
allitebooks.com/
github.com/vhf/free-programming-books/blob/master/free-programming-books.md
learncodethehardway.org/c/
corelan.be/index.php/articles/
opensecuritytraining.info/Training.html
blackhat.com/html/archives.html
securitytube.net/
opensecuritytraining.info/Welcome.html
beginners.re/
phrack.org/
phrack.org/archives/issues/49/14.txt -- Smashing The Stack For Fun And Profit
howto.hackallthethings.com/
pastebin.com/raw/cRYvK4jb -- Phineas Phisher Gamma
pastebin.com/raw/0SNSvyjJ -- Phineas Phisher HackingTeam
pastebin.com/pm1WLXQj -- AnonSec OpNasaDrones
archive.org/stream/pdfy-rJnW-pPgiHK61dok/Black Hat Python, Python Programming for Hackers_djvu.txt
github.com/rpisec/mbe
reverse engineering
microcorruption.com/
github.com/dennis714/RE-for-beginners

>News/CVE releases
threatpost.com/
deepdotweb.com/
packetstormsecurity.com/
cvedetails.com/
routerpwn.com/
exploit-db.com/
rapid7.com/db/
0day.today/

>CTF/Wargames
overthewire.org/wargames/
pentesterlab.com/
itsecgames.com/
exploit-exercises.com/
enigmagroup.org/
smashthestack.org/
3564020356.org/
hackthissite.org/
hackertest.net/
0x0539.net/
vulnhub.com

Attached: default.jpg (250x220, 11K)

Other urls found in this thread:

makezine.com/2017/09/07/secure-your-raspberry-pi-against-attackers/
teamrocketist.github.io/2017/08/29/Forensics-Hackit-2017-USB-ducker/
http.kali.org/kali
old.kali.org/kali
en.wikipedia.org/wiki/Telegram_(service)#Reception
twitter.com/SFWRedditGifs

I'm making a raspberry pi sandbox. I have gone through all the steps here:


>iptables
>change password for and delete default pi account
>key authentication SSH
Basically all the steps from makezine.com/2017/09/07/secure-your-raspberry-pi-against-attackers/
and:
>disabled wifi and bluetooth in every way I could find, even in boot config text file (firmware level).

I plan on running wireshark on the pi to log packets for USB devices and programs ran, and connect to the pi only through SSH over a direct ethernet connection to a computer (pi will not have open access to the internet). However in a preliminary test I found that wireshark on the pi is still able to capture packets from my computer sent over the ethernet interface.
Is there a way to prevent the monitoring computer from sending packets to the pi's ethernet interface? I also plan on bridging the ethernet connection to a hardened virtual machine so I can grab the logs from the pi. Will that keep whatever nasties end up on the pi, on the pi?

Is it worth it to get ccna cyops and ccna sec? What can i do to prep for them?

I'm setting up a work machine at home. How do I secure the fuck out of this? Would prefer to run arch or maybe fedora. (but without going overboard)

thanks OP these are some awesome resources

Would a job with the police in digital evidence use something like Kali for penetration testing or something else. I know there is something in Kali with forensics mode but I am not sure what that means. I want to apply to a job like this but want to look better on the resume and interview. As a minimum it is asking for a degree in something like computer science or mathematics (I do maths); but I also have spent these past months playing around with different linux distros whenever I can.

Also I said Kali, but I know there are other distros. While Kali is the only mentioning both forensics and penetration, I know and been looking into others like pentoo and sabayon forensics and was wondering the differences with these as well (I have grown to like enlightenment 17 , so I was thinking of sabayon because of possibly installing moksha , anyway too much of a side note).

Lastly, would these even matter or would I just more likely be using windows or possibly a mac os (not sure what to think of new mac mini btw -- kinda like a lot)

Is NetHunter dead? All the devices with builds for it are pretty old

Bump please respond

police don't do pentesting and forensics don't use that shit

As far as I know, "forensics mode" simply mounts all attached devices as Read Only, so you can't compromise the integrity of the data you're examining, but in any scenario you'll be working on a clone of the data in question.
The only reason why Kali is the 'hacker distro' is because it's a simple way to download the majority of the tools you'd need to get started at a high-to-medium level. It's by no means the be-all and end-all pentesting distro, there are plenty of tools out there which don't come packaged with it.
An advantage of modern magic is you don't need to be locked to a single operating system. Just spin up virtual machines for whatever platform you prefer.

>t. ASD contractor
most of the stuff I've done with digital forensics involved using testdisk/undelete to recover poorly deleted (not wiped or overwritten) files.
Occasionally we got smooth operators with encryption - if the plods didn't have any leverage on them to get passwords we rarely bothered even trying - pushing runny shit uphill.
You aren't likely to get work with the cops without a compsci degree. Waltzing in with kali on a usb will just get you laughed at.

Not bully but trying to make you see how things are.

>inb4 idcard - how fucken new do you think I am?

Attached: 2bb0627192a09a2aade6e18c3a7a02f4.jpg (3872x2592, 1.19M)

do glow niggers make these threads as a recruitment tool?

Attached: terry.png (628x800, 665K)

>(not sure what to think of new mac mini btw -- kinda like a lot)
You just blew the interview kiddo!

Thanks all this was really helpful, I wasn't sure about the job description so understanding this is key
I am hoping to get work based on nepotism (family) so I just want to seem alright

installing blackarch as I see this thread
>none of your b0xen are safe >:)

Attached: Screenshot_2018-12-15_00-24-25.png (1920x1080, 1.34M)

You'll be vetted - if there's ANYTHING you don't want to discuss in front of your family(?) it's probably too late but I'd get unsubscribing and scrubbing now.
Aside from that if you do get work be prepared to be disheartened - having to see some of the most depraved shit (often you as the "unlocker" will have to view it for chain of evidence) and then most of the time the cops either won't bring charges against the sick fucks or more than likely they'll have a gud lawyer and get off on a technicality.
I wish I was kidding.

If I didn't have kids I want to see grow up I'd have gone rogue by now.

Attached: 404286-knights-of-badassdom.jpg (1024x628, 83K)

ok, good to know.

If doing forensics for Law Enforecement, oyu should learn hour to use court-validated tools like EnCase and FTK. Using an unvalidated tool and the opposing side can claim your tool isn't validated, can't be trusted, and the evidence thrown out or at least needed to be re-done.

Did a first test of my Raspberry Pi Sandbox workflow on a USB flash drive I've had for years that I know to be clean.

Does anyone have a source describing what kind of USB packet traffic to expect from a flash drive (or any other peripheral)? I know you can monitor for attempted keystroke inputs like here:
teamrocketist.github.io/2017/08/29/Forensics-Hackit-2017-USB-ducker/

which could be useful for detecting BadUSB type devices. Is there anything else I should watch out for? I intend on inspecting the drive's contents as well of course. Any tools out there that will let you see everything, not just the stuff the OS is supposed to see?

Would it be hard to get police work if you didn't have a CS degree but had work experience in digital forensics?

The way you describe what you do it doesn't seem that difficult - no offense (not like you have to create new scripts in C). And the CS major is pretty much just calculus, which is irrelevant to any of what we are discussing in this thread

I've lost a lot of faith in netsec tutorials of any kind since I had my entire life's worth of
personal details known about me by someone on Jow Forums despite him never having known me prior to making a few impersonal posts. He managed to get
my full name, aliases and exact location and I still can't work out how he did it. I don't give that information out

Please respond

Attached: 00B30706-B5B8-4E39-BF31-6C3FB9805AA9.jpg (436x536, 63K)

nice thread

Have you considered that he just made a lucky guess?

I know this isn't a general networking thread, but...
How much of an impact can running your PPPoE box -> switch -> router/router -> computer/computer/computer/etc have? Should I just ditch the router, wire the PPPoE -> switch -> computer/computer/computer?

are you saying that these resources are compromised?

so i did a reinstall of kali yesterday, and for some godforsaken reason apt-get install kali-linux-full isn't working anymore, i keep getting E: unable to locate package kali-linux-full.

I've used this exact fucking command before,what is going on here?

So I have this homework to do

The IP address machine 166.193.233.60 has the following routing table:

network mask next no interface
XXX 255.255.255.192 - i0
163.140.23.96 255.255.255.0 166.193.233.58 i0
132.40.193.96 255.255.255.0 166.193.233.45 i0

What is the address represented by XXX?
My answer was 166.193.233.0, but apparently, it's wrong.
Also the two network addresses don't make sense with that given mask.
Please help.

nevermind

I had to do

cd /etc/apt/
nano sources.list

this opened up the sources file that I couldn't otherwise touch without leafpad, then I had to manually delete the old sources list and put in the new ones

deb http.kali.org/kali kali-rolling main contrib non-free
deb old.kali.org/kali sana main non-free contrib
deb old.kali.org/kali moto main non-free contrib

now i'm reinstalling all the hackerman tools I had before

Non-free sources... Whatever dude...

bitch I have a non free laptop the fuck you gonna do about it

why the fuck does macchanger not work

i litterally just did a clean reinstall and it's still fucking fucked

Not really but unless you want to be doing data entry etc. you'll need a BSc in something moderately relevant. Don't do it anymore and it wasn't hard - I had the knowledge of how to use the tools. Which leads me to muh next point - - this but ensure that the tools are the ones the dept uses.

It's hard on the psyche tho - be warned.

Majority of h4x00ring is social engineering. I'd guess you let some detail of your life slip and he put 2+2 together till he got your details.
Most of the stuff I've done in backgrounding is breadcrumb work - ie. I get 1 detail and then use that info to dig deeper.

If he's dug that deeply into your life he'll have left behind traces in logs etc. that will show - maybe return the favour to him.

I'd also suggest that EVERYONE be wary of ANYTHING they link to dld here - not everyone who post is an altruistic whitehat.

Attached: 10369660-3x2-xlarge.jpg (862x575, 75K)

bump

>I don't give that information out

Evidently, you are stupid enough to not only give out that information, but also to do so without realising it lmao

RESPOND

Attached: 5EBDF204-1935-4B46-A34A-3E72C24F4F38.png (396x418, 355K)

why do u even need macchanger, it's pretty much useless
ip link set eth0 address fa:ce:de:ad:da:d5

Why the hell would glowniggers want to recruit from Jow Forums?

no not worth it
you don't need a certification to become a hacker

full of poor neets who need money and are fluent in memespeak

Yes. Build a lab and study, nigger.

I attached a brand new kanguru flash trust flash drive to the raspberry pi and captured USB packets using wireshark. I didn't detect any abnormal keyboard activity coming from the flash drive, however I did notice that the device manufacturer is listed as "Lumension Security". I can't find any link between Kanguru and Lumension on the internet.
Just making absolutely sure: is this safe to use?

Attached: lumension_kanguru.png (896x151, 21K)

Most pedos get arrested wtf are you talking about

no it's evil and you will never detect it give up now

how would they recruit from an anonymous board

Because I want an automated script that gives me a small amount of security but every time I try to connect to a network it reverts.

Macchanger used to work now it sucks for some godforsaken reason.

Defcon talks told me to automate my digital security so I'm trying that

Sadly you're correct and incorrect.

Most paedos that the cops have evidence where there's been a crime (in the cases I'm talking about - recoverable files on devices that can intrinsically be linked to the accused for eg.) are arrested.
Depending on their savvy, finances and forward thinking they'll have a halfway decent lawyer either on retainer or paid enough to get them bailed.
From being charged the onus is then on us (the job I used to do) to provide the police with evidence correctly obtained and processed to be used in court against the accused.

You'd be horrified to know how simple it is for a gud lawyer to argue that chain of evidence has been broken and therefore stuff that would definitively prove someone is a kiddyfiddler can be ruled by a judge to be inadmissible.

I wish I was wrong. Never been the cause muhself but seen other fuck it up and have to live with the fact that a kidfucker is walking the streets because of them.

Remember: the onus of proof is on the prosecutors. More often than not the police won't pursue a conviction or arrest because they know that they don't have the evidence to follow thru...

Again I genuinely wish I was wrong or lying to you. I'm not.

It's horrendously soul destroying work.

Attached: CvMZ1T8UkAAuozp.jpg (640x480, 39K)

Is it worth it to enlist in the military for "Cyber" operations? I can't think of a downside

>free training
>free room and board and food
>only have to serve 4 years
>veteran status
>make it out somewhat physically Jow Forums

I see no downsides to this. Mainly talking about Army, as the Air Force puts you wherever they want you to be put but the Army lets you have a choice.

Attached: AirForceLogo.jpg (1400x1272, 231K)

Attached: annoyedpepe.jpg (125x125, 3K)

Hi boys, glad to see this thread up again, good shit.
You won't see all the benefits of being a veteran if you only serve 4 years,

You still get veteran status though for having served though?

Is XMPP server + OTR a secure instant messaging solution for a pedo terrorist group?

You have to serve X years to get things like full medical (I can't remember how many years off the top of my head), if you want it just for the nameplate, then yea sure go ahead.

Be prepared to be let down unless you're on a red team. Most of the 'cyber' bullshit in DoD is just defensive security stuff for aging IT systems or you end up being some guy freaking the fuck out because a checklist item isn't mitigated. Score high on your advancement exams, get training and do shit no one else wants to do.

Attached: 1494874201258.gif (500x270, 728K)

how do you know all this

Just use telegram

I know i dont need it but is it helpful? If not are the resources here good enough?

So they can keep all my info?
Using it doesn't sound very intelligent after reading this en.wikipedia.org/wiki/Telegram_(service)#Reception

Hello spook.

How has it impacted your work now they have moved all roles to contractors instead of being gov employees?

Did youse see a pay rise? It kinda concerns me the move they made to contractors. I guess because i am an ex def contractor and saw how much of a shitshow the contracting game is.

Has the home affairs merger fucked with your day to day? It seems to have made a significantly POORER community. I work as an airport contractor. We received mandates from home affairs to reach MAT L3, and follow the essential 8. Now they couldn’t tell me a fucking thing about any of it in-depth, and just referred to the ASD with the broadest stokes. I dunno it’s kinda shitshow from the outside.

>frmr ASD contractor.

Been out of the game a while now.

>Has the home affairs merger fucked with your day to day?
>and follow the essential 8.
Had some input on ACORN implementation.

Honestly as I've said - glad to be out. It really fucks with your head when you've got kids and having a sub 30% strike rate for convictions leading to incarceration makes it even fucking worse.

>be a bloke I worked with.
>couldn't rcon (can't remember why - stupidity probably)
>has case workload external (again - outside of CoE?)
>can't be arsed fixing it - dlds dodgy encase iso and caine i think
>gets files
>his co finds out
>nothing he got can be used and now that source cannot be included in prosecution (not a lawyer - don't ask why)
>scumbag leaves the building off to collect more pics of kids getting beaten and raped.
>guy who fucked up has kids same age...

>I guess because i am an ex def contractor and saw how much of a shitshow the contracting game is.
tbqfhphamalama I used muh bash skillz more than anything else. The pubic savants used to look down on us as tho we were the dogshit they were trying scrape off their shoes. Especially the linux geeks like me....

Cheers m8

Attached: 1243681.jpg (1280x1587, 183K)